Drive Demeanor from your AI assistant. (Optional.)
Demeanor’s audit is the intelligence — it reads your compiled assemblies, recognizes framework patterns, and names the specific fix for anything risky. This page is optional reading. Every capability described here also runs from the standalone CLI documented in Getting Started. Customers who already use an MCP-capable assistant — Claude Code, Claude Desktop, Cursor, Windsurf, Continue.dev, or a VS Code MCP extension — can drive the same audit as a chat. Demeanor ships an MCP server exposing 20+ tools for audit, inspection, obfuscation, and deobfuscation that your AI agent can call.
Requires your own Claude subscription — not included with Demeanor. Any other MCP-capable assistant drives the same workflow with its own subscription.
Demeanor analyzes. The assistant relays. You decide.
Every .NET app has its own reflection, serialization, and framework quirks. Demeanor’s audit recognizes those patterns, classifies each finding, and recommends the fix — that work is done by Demeanor itself, whether you read the report in a terminal or have an assistant read it back to you.
What Demeanor does
- Reads your compiled assemblies and recognizes known framework patterns
- Classifies each finding: auto-protected, code-quality advisory, or required change
- Names the specific fix —
[Obfuscation]attribute, CLI flag, or source-level code change — with file and line - Applies the protection suite: renaming, string and constants encryption, resource encryption, control-flow obfuscation, call hiding, anti-tamper, anti-debug
What the assistant does
- Calls into Demeanor’s opt-in MCP server on your behalf
- Reads the audit output and relays findings in conversation
- Reads your source files so the conversation references real file and line numbers
- Proposes the fix Demeanor recommended and waits for your go-ahead
- Once you approve, edits the source file and re-runs the audit to prove the fix
What you do
- Read the findings — either in the terminal or as chat
- Decide which fix fits your app
- Accept, reject, or edit each proposed change before it’s written
- Review the dry-run; approve the final obfuscation
- Ship with confidence — CI runs Demeanor unattended, no AI in the build pipeline
What a conversational audit looks like
For a full 13-turn walkthrough over a real ASP.NET Core sample — verbatim audit output and both code fixes applied — see the CatalogService walkthrough. The Inspector exposes the same MCP surface for natural-language metadata queries; see the optional Inspector workflow for examples.
Terminal or chat — both do the same thing
Every task below is fully supported on the CLI. The conversational column is not a different feature set — it is the same Demeanor commands, sequenced by your MCP-capable assistant, with the findings explained in prose instead of a terminal table.
| Task | Standalone CLI (primary) | Conversational (optional) |
|---|---|---|
| Audit | demeanor audit prints a readable report; you read it | Assistant relays each finding against your source; you decide |
| Configure | demeanor init wizard asks Y/N questions | Assistant lays out the tradeoffs Demeanor identified; you choose; assistant writes the config |
| Debug crash | demeanor deobfuscate maps the names; you investigate | Assistant calls deobfuscate, reads your source, proposes a root cause |
| CI failure | demeanor audit + report show what changed | Assistant diffs the reports and explains the delta in prose |
| Exclusion rules | demeanor validate-exclusions confirms the rule coverage | Assistant explains the rule syntax and what your proposed rule will cover |
| New pattern | Audit flags it; read the docs or open an issue | Assistant recognizes it in conversation and recommends the next step |
For the full obfuscator-vs-obfuscator comparison, see /compare.
Setup in 60 seconds
If you do not use an MCP-capable assistant, you can skip this entire page —
install Demeanor per Getting Started
and run demeanor audit. The steps below are only for customers who
already have Claude Code, Claude Desktop, Cursor, Windsurf, or another MCP client
installed and want to drive the audit conversationally.
1. Install Demeanor (one command)
dotnet tool install -g WiseOwl.Demeanor.NET global tool. Installs demeanor and inspect on PATH. On first invocation, demeanor detects a supported MCP client (if present) and registers itself as an MCP server in its configuration — you do not have to edit any JSON. If no MCP client is installed, the bootstrap skips the registration silently; it can be re-run any time.
2. Set your license key
export DEMEANOR_LICENSE="your-enterprise-key"3. Open your project in the assistant and ask to obfuscate
From your project root, open a conversation in your MCP-capable assistant. If your assistant is Claude Code, a pre-installed skill exposes the workflow as a slash command:
cd path/to/your/project
claude
> /obfuscateThe assistant runs Demeanor’s audit, relays the findings, and waits for your decisions. For other MCP clients, ask the assistant to audit the assembly — it will call through the MCP server.
Most .NET obfuscators require your developers to learn a configuration language, manually identify reflection risks, and debug obfuscated failures through trial and error. That expertise takes weeks to build and leaves with the engineer who built it.
Demeanor’s audit is what fixes that — and it is a standalone command-line tool with a readable report. For customers who already use an MCP-capable AI assistant, the same audit runs as a chat, with the assistant proposing and applying the fixes Demeanor recommends. Either way, you remain in control. Demeanor does the analysis; the assistant (if you use one) is a conversational interface. The resulting build configuration runs unattended in CI — no ongoing AI dependency in the pipeline, no mystery.